Exploit

KRACK WPA2 Wi-fi Exploit

You may well have heard of the security exploit that was discovered in the WPA2 key implementation that is widely used in all Wi-Fi network installations/devices, commonly referred to as the ‘KRACK’ exploit.

This does affect Wi-Fi networks, computers that use Wi-Fi connections, including laptops/desktop/smart phones/tablets, etc.

Information about the exploit can be found here (this is a technical document): https://en.wikipedia.org/wiki/KRACK

It should be pointed out in this document that it stresses that the weakness/exploit is in the WPA key management itself, (i.e. the software implementation), not in the encryption standards that are used to encrypt data for Wi-Fi connections, or the products that use Wi-Fi for data transmission.

For clients of FlightPath IT, we want to assure you that we have taken steps to apply a security upgrade to your Wi-Fi networking hardware that we manage at your organization, to protect your Wi-Fi communications from this exploit. We are also working to insure that any workstations or other devices that we manage for your organization will be updated with security patches from the vendor of the operating systems (Windows/Mac OS X, etc.)

To date, there are no reported exploits of this weakness in the WPA protocol key handling, but we are working proactively to insure that there is no risk in your organization.

Also, please be aware that if you are using a VPN connection over your Wi-Fi network, the data traveling over that connection would not be vulnerable to this exploit, since the VPN client software will encrypt that data separately.

If you have questions or concerns about this, please reach out to us and we will be happy to discuss in detail the steps we have taken to secure your infrastructure.